Nmap Development mailing list archives
Re: [nse] dns nsid, server.id, bind.version
From: Patrik Karlsson <patrik () cqure net>
Date: Tue, 17 Jan 2012 12:42:23 +0100
On Fri, Dec 16, 2011 at 10:44 PM, John Bond <john.r.bond () gmail com> wrote:
See below for a description of the attached script. It relies on patches to dns.lua. currently it is not ready to commit as the server.id and nsid seem to have an extra byte at the beginning on all systems i have tested so i need to read up what thats about. Also im off on holiday for 3 weeks so wont be able to respond; that said it would be great if people could test the script and more importantly test my patch to dns.lua to make sure it dosn't break other scripts. cheers john. as always most current version can be found https://github.com/b4ldr/nse-scripts/blob/master/dns-nsid.nse https://github.com/b4ldr/nselib/blob/master/dns.lua Cheers john description = [[ Attempts to get more information from a server by requesting the server nsid[1], and asking for id.server[2] and version.bind. This script dose the same as the following two dig commands dig CH TXT bind.version @target dig +nsid CH TXT id.server @target [1]http://www.ietf.org/rfc/rfc5001.txt [2]http://www.ietf.org/rfc/rfc4892.txt ]] --- -- @usage -- nmap -sSU -p 53 --script dns-nsid <target> -- -- @output -- 53/udp open domain udp-response -- | dns-nsid: -- | NSID dns.example.com (646E732E6578616D706C652E636F6D) -- | id.server: dns.example.com -- |_ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Hi John, I've tested and cleaned up the patch and fixed what I think was the problem you were seeing with the additional bytes preceding all requests. I've committed both the library changes and the script as r27835. Great work! Cheers, Patrik -- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [nse] dns nsid, server.id, bind.version Patrik Karlsson (Jan 17)
- Re: [nse] dns nsid, server.id, bind.version John Bond (Jan 17)